CVE-2005-0592

Publication date 25 March 2005

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mozilla	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.7.12-1.1ubuntu2
	6.06 LTS dapper	Fixed 1.7.12-1.1ubuntu2
mozilla-thunderbird	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-149-3
Ubuntu 4.10 update for Firefox vulnerabilities
28 July 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-0592